Multicast DNS: Difference between revisions
From charlesreid1
Revision as of 15:20, 11 July 2020
multicast DNS:
Stumbled upon this 7/11/20 after setting up iptables and logging dropped packets, and seeing 224.0.0.251 sending traffic on port 5353.
The 5353 was a clue that it was related to DNS, but it turns out this is a whole rabbit hole about some kind of local loopback DNS.
RFC 6762: https://tools.ietf.org/html/rfc6762
Here it is in plain English: multicast DNS and service discovery are common in modern tech products (home and small-office environments: printers, routers, etc.). They are part of zeroconf, a suite of technologies that helps network devices discover each other in the absence of an authoritative DNS server.
This is also used by laptops (e.g., Mac -> System Preferences -> Sharing). The name of your Mac followed by .local (MacAndCheese.local) is an address that everyone on the network can find. How does that work?
You can make a DNS request for the name MacAndCheese.local using dig, and specify the special DNS address 224.0.0.251 and port 5353:
dig @224.0.0.251 -p 5353 +short MacAndCheese.local
This is a special multicast address for multicast DNS. When a query is sent to this special address, all devices on the network see a copy of the query and can choose to respond. If your Mac is up and sees the request, it responds with its IP address.
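The query that dig sends above, and the decoding of an answer, as an added example (not code from the original page). The function names are hypothetical, and the sample response with its address 192.168.1.23 is constructed for illustration.

```python
import socket
import struct
MDNS_GROUP, MDNS_PORT = "224.0.0.251", 5353  # RFC 6762 IPv4 group and port

def build_query(name, qtype=1):
    """Encode a one-question mDNS query (qtype 1 = A record)."""
    header = struct.pack("!6H", 0, 0, 1, 0, 0, 0)  # ID 0, flags 0, QDCOUNT 1
    labels = b"".join(bytes([len(p)]) + p.encode() for p in name.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!2H", qtype, 1)  # class IN

def read_name(msg, pos):
    """Decode a possibly compressed name; return (name, offset after it)."""
    parts, end, hops = [], None, 0
    while True:
        length = msg[pos]
        if length & 0xC0 == 0xC0:  # compression pointer to an earlier name
            end = end or pos + 2   # resume after the first pointer only
            pos = ((length & 0x3F) << 8) | msg[pos + 1]
            hops += 1
            if hops > 16:          # untrusted input: refuse pointer loops
                raise ValueError("compression pointer loop")
            continue
        pos += 1
        if length == 0:
            break
        parts.append(msg[pos:pos + length].decode())
        pos += length
    return ".".join(parts), (end or pos)

def parse_a_records(msg):
    """Return [(name, ipv4)] from the answer section of a response."""
    _id, _flags, qd, an, _ns, _ar = struct.unpack("!6H", msg[:12])
    pos = 12
    for _ in range(qd):            # skip any echoed questions
        _, pos = read_name(msg, pos)
        pos += 4                   # QTYPE + QCLASS
    out = []
    for _ in range(an):
        name, pos = read_name(msg, pos)
        rtype, _rclass, _ttl, rdlen = struct.unpack("!2HIH", msg[pos:pos + 10])
        pos += 10
        if rtype == 1 and rdlen == 4:
            out.append((name, socket.inet_ntoa(msg[pos:pos + 4])))
        pos += rdlen
    return out

# Constructed response: one A record for MacAndCheese.local (QR+AA flags, cache-flush class)
SAMPLE = (struct.pack("!6H", 0, 0x8400, 0, 1, 0, 0) + build_query("MacAndCheese.local")[12:-4]
          + struct.pack("!2HIH", 1, 0x8001, 120, 4) + socket.inet_aton("192.168.1.23"))
```

To try it on a live network, send `build_query("MacAndCheese.local")` over a UDP socket to `(MDNS_GROUP, MDNS_PORT)` and pass each reply to `parse_a_records`.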